Judge gives second AT&T iPad hacker more time to make plea deal
Follows in footsteps of co-defendant, who pleaded guilty last month in return for recommended 12-to-18-month sentence
Computerworld - A federal judge has put the case against a man charged with hacking AT&T's website on hold to allow plea negotiations to continue, court documents show.
On Wednesday, U.S. District Court Jude Susan Wigenton suspended the case against Andrew Auernheimer, who faces a maximum of 10 years in prison if convicted of two felony charges, conspiracy to access a computer without authorization, and fraud in connection with personal information.
"Plea negotiations are currently in progress and both the United States and the defendant desire additional time to finalize a plea agreement, which would render trial of this matter unnecessary," Wigenton wrote in her order, made public Thursday on the U.S. Department of Justice's case database.
Auernheimer and his court-appointed federal public defender have been negotiating a plea agreement for at least the last month.
Auernheimer, who goes by the online nickname of "weev," was a member of Goatse, a loose collection of hackers, authorities have alleged. Along with co-defendant Daniel Spitler, he is accused of stealing approximately 120,000 names and email addresses of iPad 3G owners from AT&T servers in June 2010 using an automated scripting tool.
Among the email addresses eventually made public -- Auernheimer gave information obtained from AT&T to the Gawker website -- were those belonging to New York Mayor Michael Bloomberg, former White House chief-of-staff Rahm Emanuel, and top executives at Dow Jones, The New York Times Co. and Time Warner.
At the time, Auernheimer argued that the hack was "ethical" and "in the public interest" because it revealed a flaw in AT&T's website.
Later he accused AT&T of dishonesty when it downplayed the damage to affected customers.
Auernheimer argued that other hackers armed with an iPad exploit could have used the email addresses in a targeted attack.
"A complete list of iPad 3G customers, which could have been generated from this vulnerability [Goatse uncovered], would have the ideal bit of data for those...with zero-day Safari exploits," Auernheimer claimed in a June 2010 post to the Goatse blog.
But according to the federal indictment against Auernheimer, he and Spitler had discussed exploiting their hack. "This could be like, a future massive phishing operation serious like this is valuable data," Auernheimer allegedly told Spitler in an IRC chat that authorities included in the indictment.
"Well I will say this it would be against the law ... for ME to short the att stock but if you want to do it go nuts," Auernheimer said to Spitler in another chat fragment. "If you short ATT dont let me know about it."
Spitler pleaded guilty last month to similar charges. His plea agreement recommended a 12-to-18-month sentence.
Auernheimer's attorney did not reply to a request for comment.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
- US agencies to release cyberthreat info faster to healthcare industry
- UPS now the third company in a week to disclose data breach
- Healthcare organizations still too lax on security
- Why would Chinese hackers want US hospital patient data?
- About 4.5M face risk of ID theft after hospital network hacked
- Supervalu breach shows why move to smartcards is long overdue
- Grocery stores in multiple states hit by data breach
- Update: Payment cards with chips aren't perfect, so encrypt everything, experts say
- U.S. agencies halt background checks by contractor after cyberattack
- Five unanswered questions about massive Russian hacker database
Read more about Legal in Computerworld's Legal Topic Center.
- Cloud Computing Drives IT and Business Agility Hybrid Cloud Accelerates Time to Value What is the main focus for IT in your organization - cost or agility? Many IT discussions today focus on cost controls rather...
- Infographic:10 Reasons to Choose vCloud Air Looking to create an agile, productive, and efficient IT environment? Read this simple infographic to learn about the benefits that VMware vCloud® Air™...
- Data Visualization Techniques: From Basics to Big Data with SAS Visual Analytics This paper discusses some of the basic issues concerning data visualization, from data size and column composition, to solving unique challenges presented by...
- 5 Hybrid Cloud Starting Points Did you know that more than 50% of organizations are already using or planning a move to hybrid cloud?
- Cloud BI in Action: Recorded Webinar of Customer, Kony, Inc. See how Kony, Inc., a leading enterprise mobility company, is using TIBCO Jaspersoft for Amazon Web Services and Redshift to achieve embedded analytics...
- Cloud BI Overview: Jaspersoft for AWS Check out this overview of Jaspersoft for AWS, to easily and affordably build business intelligence solutions as well as embed visualizations and analytics... All Legal White Papers | Webcasts